iComp writes: Sysadmin blog I contributed to the massive DDoS attack against Spamhaus. What flowed through my network wasn't huge — it averaged 500Kbit/sec – but it contributed. This occurred because I made a simple configuration error when setting up a DNS server; it's fixed now, so let's do an autopsy.The problem.

I should start off by apologizing to CloudFlare and Spamhaus; my lapse contributed to a DDoS against their infrastructure. More damning than merely having been an unwitting participant is that I knew enough about this sort of attack to have set up rudimentary protections against it and yet I still forgot the critical component: actually disabling recursive lookups.

The way a DNS amplification attack works is simple. DNS servers can be configured in one of two basic ways. In one possible configuration a DNS server serves only domains for which it is responsible (authoritative). In the other configuration the DNS server serve those domains and goes looking on the wider internet for any domains it isn't personally set up to manage (recursive).Link to Original Source

Xcott Craver writes: After several years of inactivity, the Underhanded C contest has returned. The object is to write a short, readable, innocent-looking computer program that nevertheless performs some evil function for reasons that are not obvious under code review. The prize is a $200 gift certificate to ThinkGeek.Link to Original Source

"This, recruits, is a twenty-kilo ferrous slug. Feel the weight! Every five seconds, the main gun of an Everest-class dreadnought accelerates one to one-point-three percent of light-speed. It impacts with the force of a thirty-eight kiloton bomb — that is three times the yield of the city-buster dropped on Hiroshima back on Earth! That means SIR ISAAC NEWTON IS THE DEADLIEST SON OF A BITCH IN SPACE!"

An excursion event in a reactor isn't even close to the kiloton range (the one in reactor 4 at Chernobyl was only 33GW). The explosion you mentioned at Chernobyl was enough to toss a 2200 ton slab... but guess what... it was just steam radioactive as hell due to contamination from damaged rods (normally water in reactors when irradiated creates N-16 which is a short -lived (as in a few minutes) alpha emitter)... but still just steam. The amount of force in the explosion at Chernobyl was only about 10 tons. Enough to totally jack up the core and it's fuel/control rods but not vaporize the plant which is what would happen if you got into the kiloton range.

Second:

Critical mass only means you've got enough neutrons to maintain a fission reaction, that's it, scale has nothing to do with it. The neutron flux between rods is moderated by steam, water, and other neutron absorbers, adding more fissile material into the equation doens't equal more energy. In fact it can STOP your reaction as enough material will absorb neutrons but not emit them with enough energy to really do anything.

Third:

Yes there is such a thing as passive cooling systems that require no moving parts. Most nuclear subs use molton sodium as a coolant and natural convection moves the sodium in a loop. Fukushima had such a thing but it the command lines to that value were cut and power to open the valve wasn't there anyway. That still didn't matter as the valve could be opened by hand except that the radiation in that part of the plant was too high. Some estimates but it at almost 30Sv MINUTE and no matter how fast you ran or with how much protection you'd still be dead before you could open the valve.

Fourth:

Dumping cold water into a reactor, especially sea water, is a big no-no as that'll immediately cause an excursion in 99% of situations, passive cooling or not. The water would stop the reaction immediately but the excess neutrons would have no place to go, as the water attenuated the neutron flux, and would MELT the fuel rods in a few minutes. If it's sea water you also get corrosion. When ordinary water is irradiated with strong alpha it becomes corrosive, reactor piping is designed to deal with the chemical reaction (peroxide) and so isn't in any danger as long as procedures are followed. Sea water on the other hand is corrosive against the same materials that are generally inert against irradiated water.

Fifth:

Fukushima had a N+2 failure system, you'd need two completely isolated systems to fail before things got ugly and the odds of that happening were extremely unlikely.

Um... what type of reactor are you an expert in as doing what you said in that last post would be a very stupid thing to do?

Unless you're dealing with highly enriched materials with proper reflectors and shape (these things REALLY matter) you're generally not going to get any sort of supercriticality, not to mention setting off a nuclear explosion isn't something that you can do just by accident. Even a simple device like 'Little Boy' requires some extreme engineering. A multistage device with a megaton yield....by accident? Not gonna happen... this pesky thing called physics will get in the way.

Second:
We don't care about using unenriched uranium. That's a good thing to use as enriched uranium is incredibly dangerous to make (Bing uranium hexafloride), and dealing with weapons-grade anything is always dangerous.

Third:

Traveling wave reactors are fairly hands off deals. Most other reactors require constant attention to maintain their "balance" and if intimate knowledge of the system (along with piss poor planning and bad control rod design) is lacking then you can end up with situations like Chernobyl. If your DR plan doesn't account for a completely passive cooling system, as in Fukushima, or a dark plant... again see Fukushima.

Crickey! Will you loo' at that. We're so very lucky! You almost never see a four digit this far from its native habitat of lurking an' she's being stalked by this five digit that's almost as rare.
It's times like this I'm gla' I don't work with lizards that might eat me!//Window seat please...

Ivan Vanko: [laughs] If you could make God bleed, people would cease to believe in him, there will be blood in the water, the sharks will come. All I have to do is sit back and watch as the world consumes you.
Not that Sony was ever a God but the idea holds for any giant corporation with enough money buy the best security in the world. They were made to bleed and this won't be the last of these.

Is it me or does the governor of AZ wake up and say, "What civil liberties can I shit on today? Oh! I know! I'll start enforcing medical programs just like Big Brother did in 1984. Winston seemed to like it so much!"